lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9f68005d-511f-4223-af8f-69fb885024a1@gmail.com>
Date: Tue, 30 Jul 2024 11:32:32 +0800
From: Leon Hwang <hffilwlqm@...il.com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: Yonghong Song <yonghong.song@...ux.dev>, Zheao Li <me@...jusaka.me>,
 Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>,
 John Fastabend <john.fastabend@...il.com>,
 Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau
 <martin.lau@...ux.dev>, Eduard Zingerman <eddyz87@...il.com>,
 Song Liu <song@...nel.org>, KP Singh <kpsingh@...nel.org>,
 Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>,
 Jiri Olsa <jolsa@...nel.org>, bpf@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v2] bpf: Add bpf_check_attach_target_with_klog
 method to output failure logs to kernel



On 30/7/24 05:01, Andrii Nakryiko wrote:
> On Fri, Jul 26, 2024 at 9:04 PM Leon Hwang <hffilwlqm@...il.com> wrote:
>>
>>
>>
>> On 2024/7/27 08:12, Andrii Nakryiko wrote:
>>> On Thu, Jul 25, 2024 at 7:57 PM Leon Hwang <hffilwlqm@...il.com> wrote:
>>>>
>>>>
>>>>

[...]

>>>>
>>>> Is it OK to add a tracepoint here? I think tracepoint is more generic
>>>> than retsnoop-like way.
>>>
>>> I personally don't see a problem with adding tracepoint, but how would
>>> it look like, given we are talking about vararg printf-style function
>>> calls? I'm not sure how that should be represented in such a way as to
>>> make it compatible with tracepoints and not cause any runtime
>>> overhead.
>>
>> The tracepoint is not about vararg printf-style function calls.
>>
>> It is to trace the reason why it fails to bpf_check_attach_target() at
>> attach time.
>>
> 
> Oh, that changes things. I don't think we can keep adding extra
> tracepoints for various potential reasons that BPF prog might be
> failing to verify.
> 
> But there is usually no need either. This particular code already
> supports emitting extra information into verifier log, you just have
> to provide that. This is done by libbpf automatically, can't your
> library of choice do the same (if BPF program failed).
> 
> Why go to all this trouble if we already have a facility to debug
> issues like this. Note every issue is logged into verifier log, but in
> this case it is.
> 

Yeah, it is unnecessary to add tracepoint here, as we are able to trace
the log message in bpf_log() arguments with retsnoop.

Thanks,
Leon

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ